Shareable Secretlint Config
📄 About
Shareable configuration for Secretlint — a tool for linting and fixing secrets in your codebase.
The configuration provides a set of rules and settings that can be easily shared and reused across different projects, reducing the amount of boilerplate code needed to set up Secretlint in each project.
→ Purpose
Simplify the process of setting up Secretlint in a project by providing a pre-configured set of rules and settings. This package can be useful for developers who want to:
- Use Secretlint in their project but don't want to spend time configuring it from scratch
- Share Secretlint configuration across multiple projects
- Avoid maintaining and updating Secretlint configuration in every project manually
The configuration includes a set of preconfigured rules, such as @secretlint/secretlint-rule-preset-recommend, that check for common mistakes and prevent secrets from being accidentally committed to the repository.
💿 Installation
To use Secretlint with @wayofdev/secretlint-config in a mono-repository, you can install them at the root level and configure it to lint only the packages that require it. Follow these steps:
-
Install
secretlintand@wayofdev/secretlint-configas development dependencies at the root of your mono-repository using the package manager of your choice (npm,yarn,pnpm, etc.). For example, usingpnpm:pnpm add -Dw secretlint @wayofdev/secretlint-config
-
Create a
.secretlintrc.jsonconfiguration file in the root of your mono-repository with the following content:{ "rules": {}, "rulesConfig": {}, "plugins": [], "processor": "", "noDefaultConfig": true, "configs": { "@wayofdev/secretlint-config": true }, "ignore": [], "include": [ "packages/*/**", "apps/*/**" ] }In this example, Secretlint is configured to use the
@wayofdev/secretlint-configpackage as its configuration, and to lint only the directories in thepackagesandappsfolders of the mono-repository.You can adjust the
includeandexcludepatterns to match your specific mono-repository structure and exclude files or directories that don't need to be linted. -
Add a linting script to the
scriptssection of thepackage.jsonfile at the root of your mono-repository:pnpm pkg set scripts.lint:secrets="secretlint"
This will add the
lint:secretsscript to thescriptssection of yourpackage.json.
That's it! You can now run the lint:secrets script to lint the relevant packages in your mono-repository.
→ Add Pre-commit Hook
To automatically lint files with Secretlint before committing them, you can use lint-staged and add it to your pre-commit hook. Here's how:
-
Follow the installation instructions for
lint-stagedin the @wayofdev/lint-staged-config package. This package provides a pre-configuredlint-stagedconfiguration that includes Husky and other tools. -
Add the following configuration to a
lint-staged.config.jsfile at the root of your mono-repository:module.exports = { '*': 'secretlint', }
This will configure
lint-stagedto run Secretlint on all staged files in your mono-repository.
🤝 License
🧱 Credits and Useful Resources
Based on:
Related projects:
This package builds on the work of others to provide a pre-configured Secretlint configuration that can be easily shared and reused across different projects. The related projects listed above may also be useful for integrating Secretlint into your project, particularly if you're using Git and want to automatically run Secretlint before committing changes.
🙆🏼♂️ Author Information
This repository was created in 2023 by lotyp / wayofdev.
🙌 Want to Contribute?
Thank you for considering contributing to the wayofdev community! We are open to all kinds of contributions. If you want to:
- 🤔 Suggest a feature
- 🐛 Report an issue
- 📖 Improve documentation
- 👨💻 Contribute to the code
You are more than welcome. Before contributing, kindly check our guidelines.